Google Releases Patch for Android Flaw That Can Be Exploited for Bitcoin Wallet Theft

The SecureRandom class is utilized in over 360,000 Android applications

  Distribution of apps that use SecureRandom
In a blog post published on Wednesday, Android Security Engineer Alex Klyubin confirmed the existence of the Android vulnerability that could be leveraged to compromise Bitcoin wallets. The issue lies in the SecureRandom class implementation.

In a blog post published on Wednesday, Android Security Engineer Alex Klyubin confirmed the existence of the Android vulnerability that could be leveraged to compromise Bitcoin wallets. The issue lies in the SecureRandom class implementation.

“We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG,” Klyubin explained.

“Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected. Applications that establish TLS/SSL connections using the HttpClient and java.net classes are not affected as those classes do seed the OpenSSL PRNG with values from /dev/urandom,” he added.

Android has developed patches to make sure the OpenSSL PRNG is correctly initialized. In addition, developers who use JCA for key generation, signing, or random number generation have been provided with information on how to address the issue.

According to Symantec, over 360,000 Android apps make use of SecureRandom. More than 320,000 of these use SecureRandom in the same way as the impacted Bitcoin wallets do.

“Certain bitcoin wallets applications using Android’s SecureRandom signed multiple transactions using an identical ‘random’ number. Since transactions are public on the bitcoin network, attackers scanned the transaction block chain looking for these particular transactions to retrieve the private key and transfer funds from the bitcoin wallet without the owner’s consent,” the company noted.

The vulnerability has been leveraged to transfer at least 55.82152538 coins from various wallets.

Ars Technica has learned that the issue impacts all versions of Android, not just the 4.2 and earlier variants.

In the meantime, the initial post on Bitcoin.org has been updated to clarify that updates have been released for Bitcoin Wallet, BitcoinSpinner, blockchain.info and Mycelium Bitcoin Wallet.

Comments